Overview

overview

4

Static

static

4

BINDInstall.exe

windows7-x64

1

BINDInstall.exe

windows10-2004-x64

1

Bv9ARM.ch01.html

windows7-x64

1

Bv9ARM.ch01.html

windows10-2004-x64

1

Bv9ARM.ch02.html

windows7-x64

1

Bv9ARM.ch02.html

windows10-2004-x64

1

Bv9ARM.ch03.html

windows7-x64

1

Bv9ARM.ch03.html

windows10-2004-x64

1

Bv9ARM.ch04.html

windows7-x64

1

Bv9ARM.ch04.html

windows10-2004-x64

1

Bv9ARM.ch05.html

windows7-x64

1

Bv9ARM.ch05.html

windows10-2004-x64

1

Bv9ARM.ch06.html

windows7-x64

1

Bv9ARM.ch06.html

windows10-2004-x64

1

Bv9ARM.ch07.html

windows7-x64

1

Bv9ARM.ch07.html

windows10-2004-x64

1

Bv9ARM.ch08.html

windows7-x64

1

Bv9ARM.ch08.html

windows10-2004-x64

1

Bv9ARM.ch09.html

windows7-x64

1

Bv9ARM.ch09.html

windows10-2004-x64

1

Bv9ARM.ch10.html

windows7-x64

1

Bv9ARM.ch10.html

windows10-2004-x64

1

Bv9ARM.html

windows7-x64

1

Bv9ARM.html

windows10-2004-x64

1

Bv9ARM.pdf

windows7-x64

1

Bv9ARM.pdf

windows10-2004-x64

1

README.vbs

windows7-x64

1

README.vbs

windows10-2004-x64

1

RELEASE-NO...V.html

windows7-x64

1

RELEASE-NO...V.html

windows10-2004-x64

1

RELEASE-NO...SV.pdf

windows7-x64

1

RELEASE-NO...SV.pdf

windows10-2004-x64

1

Analysis

  • max time kernel
    135s
  • max time network
    132s
  • platform
    windows7_x64
  • resource
    win7-20231023-en
  • resource tags

    arch:x64arch:x86image:win7-20231023-enlocale:en-usos:windows7-x64system
  • submitted
    07/11/2023, 14:14

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    Bv9ARM.ch07.html

  • Size

    12KB

  • MD5

    951a21ca0240b1cdb4d4a6bf0b4440a8

  • SHA1

    06312cb909993bdf6681d40afee94a7c36db9b93

  • SHA256

    6d1e61c1b562b9c0e008dcf57580ca739c51ee330ba0504396b46bc312cf08f4

  • SHA512

    8a6ded9358ac08cd44423a3f9bd6e482b2628c69f99fd3b0566ce3b6552fc2057a75d1bf1d3d134154f2ee305e26d909c8b934cff6970be05c23e724717ce551

  • SSDEEP

    192:yyvOH31FNSMuoTzGbOTtsrrr14k9h6B39rK9hkg0PkmP+YCBF0:yyvOXrYOLtsr3lU0OPqm

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\Bv9ARM.ch07.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2868
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2868 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2748

Network

        MITRE ATT&CK Enterprise v15

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          12d98ac192b41e9660e8c736b032154b

          SHA1

          ca3493d38ab652e831aeeb12e25a8897cb81c96e

          SHA256

          2e2e647dd0ee8dd799f49115841291c40b260527834fbfef37633fa4a3cea823

          SHA512

          0177b562438b490ee9a02d646a9f951cc78abded1911169a54d4f04cf0bc63fed80077c89f90f162aa57f7b2cb17c3461197dc23b28385e5b135c68838e2f2b6

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          8ba1438320f916760f9cf9c2442a22c2

          SHA1

          809dbc38440b735da59dc59545b8a82561eae02b

          SHA256

          e4e2f7d2af08860abc0bb719afbf6eb479f1fef444467698c209ae4456628075

          SHA512

          b6721a00cec41d08e465bce9841009a6602a11589bfceaa7c99279fb91edaac8d99271b2474542a593ac2e803c93cf98ee0d15da638cc473bf742f708829acc9

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          145e2bf66fadf9f9c119df18aa0e5db8

          SHA1

          3da79f6b5769afe1cff3c8838094253b2e5d170c

          SHA256

          cf22b0d5806f1dc05d19fcce92f041bf3606aedcf203471686ec24030304a716

          SHA512

          f6b8c0759a8728db4d5293f02315e0526ddcf73567418f2551ed9a7277727127aa5b96e69845bfc9a056cd5921dc14372c36f4cc0377d9a41607704b6a844a96

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          1f253ddc67903ff1075ad3c9c234a2d9

          SHA1

          23b2954b7f97f6fdc4e133feef463a948395504e

          SHA256

          d5ca64bad4a6cb864f423ba43fcd9d637042a5723bf84d783fe6319c67a7a592

          SHA512

          cd6414b7444cfec5dfaf9467c02e6e5a2796268507e795b84bdf6a185081c3af025cf5b54217efee4247ee88e9b868116ca222f6e33b618e790c6ae64fc7d8e5

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          088617c6e39c736a647e2a311c9fb733

          SHA1

          fdb8599feed2f376efde84fc9806e88c060a0b2c

          SHA256

          41a860e5c8db7dc82f675cc0479818f524039491e411108a282b8791ce98c223

          SHA512

          f0e1e698a24f14fa7db6cdd93ed0ca22b6d2be239385392574613a2a8e68c318128917c54dd28d59d5ef2b36b2b5d97c9e15c1e0432dd2db942ed630bbbf4ce4

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          1d60dab7a689f4ef3e523e0bcb5b0c53

          SHA1

          481ee8071e3dc2a204b073eea82b521881f8a94b

          SHA256

          b2412a068bdb81986c77d0d28d0ea3f4caa08e0897d4b7f131aaf4a5ee621938

          SHA512

          a0d51722fdacedd0df5ce1bad8aadad7a8754090d9945a5137fbfcfe2e013710c71a54bd1831d108377eda03b3bedafc8f44e0396d15d6d0f5d823e8d8ada57b

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          61ff19ecab8c7ee07bf97c479a3f8add

          SHA1

          b96d2fd2a25de49f115f6cc11cc15c65e4fc3c7d

          SHA256

          fbc6c8050bac091e3f1faf8db42180194d53ed0b142ee0584fa982e1eaac2f37

          SHA512

          a35089e504ee258567a62e7cf888a78f4f7d43b7d6632a72d97a736b1a4f3e7195c59aed2d09530c93d5f2c6c0ea344117a9c8908399d5ffa9f1385695157278

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          fa77a585d81954f573890943e1500230

          SHA1

          0ce696e0af769fd996a80ef6afa65479efad67a4

          SHA256

          1e251a6f7f1321351b1d9ea9c315812a972d46f18a2509fc6cce0f70b9a58d50

          SHA512

          1155cf3b13440c741335a786e7e9e933539966f1b92fcaed3234bf60c6e2a614848f74da7717e3b06b28bd260874c7b1fecb3661b24b8c1d5bbd810ec56d09e0

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          8f27fb5ce3377cdd48f4eb8854b94513

          SHA1

          758536002a32f93f45da10c99db81cc74299de8f

          SHA256

          9bdabe88f51f75a8e90a8826b55f0fd3d57a6821fabd80196571dcacf491a3a2

          SHA512

          b721230bba27e884f898b4e416d2720a410b9ddfe00817d0406899175f3c04422dc514a997c6b4b9f1199cd57a0d1e7d2d43cafb8d79d4883bbd35830418f1e2

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          4c3582b6f98aa8a459fa2cd37212be3c

          SHA1

          9cc300ca7780c0d41524815db80f84242ff79fa0

          SHA256

          2ac4daec343b8e764e35947bd0bb1d1d2261d8b0d731fbfa712e22a948fcd593

          SHA512

          f073aa15cf30da402e7f8c92a45185d217139b94be2bdaa93d25f1209a29e8cdfff24c4bf4b25d0f606d7225f7ec88c5cdb5813317c758af919e4156c8d39e88

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          ea1fc439471b42dd1c0759d806b3c54e

          SHA1

          f2eb18a381ce92751c4dbd028c6712674e4732ef

          SHA256

          8d6d932a730ba59f8f8af974f623cc1931abf71a89049a39ebc9f1a9de8ecdc3

          SHA512

          66d04859414642a129731acc545df02dd4569bd872133fe19e33094e3895c58a6b41f2104a3ce2f82a0232b98d98473a2bbe0a699fe5bc71869cfd03bd8891fd

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          624ae104641e34f7f3d0a4d09471432e

          SHA1

          7ff2a9488a3d1533561eaacccb0a7edaf3377610

          SHA256

          fc5ba648aa44b065535ac66437069d577ed9328fc5d4536b2ae3bf3a79fac818

          SHA512

          33855501b85803dd9ea18ea9e178dea640199af3d10aa3261c1dbfd57f2b813bb91d91388f736560e63814f060c217f8a5eed3936d253bc4e5a0014e020804f3

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          6588aee256f9d5a69d423cd42ec46fc3

          SHA1

          774d9683e42122fb6dec84e102610f0f94696b42

          SHA256

          10913690b30f741fcb34f3328a88c8dbf99fc27c481f2dcfdc63e5e56b86d359

          SHA512

          95f97431e22372a0c07b89b1607ad616cfc5dc683b17dfee68dbb26e8091fd30e96436cae47fcc9dc7c5298d21524312b6480367e65ff313352c7dc371902ed8

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          b096727a88a686b27f362c8c68286f1c

          SHA1

          1fa77d0619fea36fd560d8cb8ecf9fcb69eec908

          SHA256

          0d09beb1a7afb6e2063ac37c6f42904a38cc0dd674cb9e3a439bf4b85d8accd2

          SHA512

          2e6de349f52fd5df995eba6de63d163da664dca52dbbbd84476b26cdb908981d5d199ab9ba54c83418eda2ca5ef26bf4773155bd84b609b569fdd984544c6ff9

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          b8eb4e8d3f9df317ba56664d4648e7c4

          SHA1

          f1993a6865d46d76525573ff296e538aa56e653c

          SHA256

          5d42af06182ac7a74ad16891037fbdba921a80652eb7b90cab3264376dc9227d

          SHA512

          d12ec1f21a6b025d06d3899ed37498cb1616f10972b74294762f1d5d07699a41a399b89aadfcf5debe763a0da4f7171c5da0a17971a8564abf7830468b245d91

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          1603ce2f39d9ea67ca77b7c041f62fea

          SHA1

          eafcc9573e32348dcae7b7671f4756a07699ef9b

          SHA256

          eb0e7ea27b0dae8767a2471b5e6c7c43ddbda80160068f6e8fb3524e86f7a7b9

          SHA512

          2ae8557047f8da7858e569cd00c926fffbf7242adc1a25c4f74c09fc78e96c199a15ae6b98e25aa4243c1f70e2dce56947b84b53a26271aa00bfe3eb4f913e1f

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          1fccd59a390a04e76f9d9b5e77462bb9

          SHA1

          06b1fef75c9d1e28ee65b81bfd8e1e72c8fe579a

          SHA256

          4daffda37d0995461dd59510f22d4837e2911f57540aa11543b6e8d41d17fac3

          SHA512

          3e22525040ca81e09f2ab3ac66b098f66a75796874dbcd913e9097edc349aa61e1bbb36c2eb872f6ceedb61fcd9428c91133c44775415dcc83a54aa44af54923

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          5fd8a47795bc4d4a6c01b1d799907781

          SHA1

          c9602db156471995288be2c2b7d7cdfeceeb8355

          SHA256

          c7cf6c9332a91f1d9ae7f2139f9ee7b40f2d487bf5b4b73e8d518f99f65e298a

          SHA512

          4203d3e6e7eca53ce409a724c4f9ab6abc644132206c2ab62be2c2eb9510ca8b87efb1472af4e2990634de9701b892d7ce32d6550f2740ad0917df3a486ac940

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\CabA8FE.tmp
          Filesize

          61KB

          MD5

          f3441b8572aae8801c04f3060b550443

          SHA1

          4ef0a35436125d6821831ef36c28ffaf196cda15

          SHA256

          6720349e7d82ee0a8e73920d3c2b7cb2912d9fcf2edb6fd98f2f12820158b0bf

          SHA512

          5ba01ba421b50030e380ae6bbcd2f681f2a91947fe7fedb3c8e6b5f24dce9517abf57b1cf26cc6078d4bb53bde6fcfb2561591337c841f8f2cb121a3d71661b9

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\TarA952.tmp
          Filesize

          163KB

          MD5

          9441737383d21192400eca82fda910ec

          SHA1

          725e0d606a4fc9ba44aa8ffde65bed15e65367e4

          SHA256

          bc3a6e84e41faeb57e7c21aa3b60c2a64777107009727c5b7c0ed8fe658909e5

          SHA512

          7608dd653a66cd364392a78d4711b48d1707768d36996e4d38871c6843b5714e1d7da4b4cc6db969e6000cfa182bcb74216ef6823d1063f036fc5c3413fb8dcf

          Download Submit